Removing your site from the Wayback Machine (Keybase)

Reading Time: 3 minutes | Published: 2019-06-03 | Last Edited: 2023-03-19 Privacy Sysadmin


There may be a myriad of reasons you want to do this, from removing sensitive information to regaining a measure of control over your content. Whatever your purpose, below should be a quick and easy way to achieve it.

For domains you own

The easiest way to verify you own a domain is to put a text file in an easily accessible location and email asking for removal and link to it. Mine is at removal-request.txt. It would be better if you didn’t copy mine word-for-word and wrote your own instead though 😉

If that’s all you intend to do, this should be sufficient and there’s no need to read any further. If you want to exclude your profiles as well (for example, all your GitHub repos, Twitter, Mastodon, etc.) read on.

For domains you don’t own

There are a few things I used that worked in harmony to verify my other accounts. Keybase was the most useful for this purpose. It is a proprietary service but I deem the level of proof it facilitates worth compromising for.

The other tool I used was GPG. For the sake of keeping it simple, this guide will just deal with GPG from within Keybase. I really recommend actually learning to use GPG on its own; it’s wonderful for protecting your privacy and verifying your identity in a multitude of situations. The next post will be on using GPG outside of Keybase for this so stay tuned.

Generating your key

After creating your Keybase account, click “add a PGP key”, “I need a public key”, then enter the requisite information. You should use whatever name is associated with the account you’ll be emailing from as well as that address. Wait a bit while it generates the key…

Verifying some accounts

This is where you verify whatever accounts you want removed. Just click the option and go through the steps! Aside from personal websites, Twitter, GitHub, Reddit, etc., you can also prove accounts on a lot of other services (including Mastodon). More are being added every day so check back if there’s something specific you want to address.

Once this is done, you’ll be ready to contact about getting your stuff removed.

Signing some messages

In the top right of Keybase, you’ll see a pencil. Click it and you’ll be taken to a page with a text box. This is where you’ll type your email and the text file for your website proof. For the text file, copy the signed message and paste it into your text editor, save, and put it at the root of your website. For example, mine is at removal-request.txt. It would be better if you didn’t copy mine word for word and wrote your own 😉 For the email, you’ll do the same thing but paste the signed message into your email client, whether that’s Thunderbird, ProtonMail, Tutanota, etc. The text file only needs to contain the request for the (sub)domain removal. The email needs to contain the request for everything along with links to the text file, you Keybase account, and whatever you want removed.

Before sending it, you should also go back to your profile, click your key, and copy everything in the text box that starts with -----BEGIN PGP PUBLIC KEY BLOCK-----. Paste that into another text file but save it with the .asc extension. For example, key.asc. Attach this to the email, send it to, wait a couple days, and you’re done!

This is a self-hosted Commento server that integrates with Akismet for spam filtration. Comments that make it through are still subject to moderator (me) approval before they're displayed publicly.